Solved

Using virtualized domain controller as NTP source ?

Posted on 2015-01-13
13
414 Views
Last Modified: 2015-01-14
Hi,

I'm currently planning to change the current NTP provider from a physical old Windows 2003 server into the new Windows Server 2008 R2 Domain Controller running as VMware virtual machine.

So what are the caveats or the steps that I need to know to avoid any issue in using VM as the NTP for the entire company / Data Centre ?

Do I have to transfer FSMO role to another Domain Controller to do this or this is just a simple Group Policy change to point to another Virtualized Domain Controller ?

Thanks.
0
Comment
  • 7
  • 4
  • 2
13 Comments
 
LVL 24

Assisted Solution

by:VB ITS
VB ITS earned 167 total points
ID: 40548328
As far as the NTP clients are concerned, it's just a change in Group Policy. They won't know if the NTP server is a VM or not, nor will they care.

Before you set your 2008 R2 DC as the NTP Server for your entire domain, make sure you've disabled the time synchronization between the host and the VM otherwise you may experience issues with time drift even if you configure the server to use an external time source.

On that topic - what do you plan on using as your time source on the 2008 R2 DC? Will you be using an external time source such as ntp.pool.org?
0
 
LVL 7

Author Comment

by:Senior IT System Engineer
ID: 40548356
Yes correct I will be using that pool.ntp.org lists with space in between the entries on the GPO.

How do I disable the time synch with the ESXi hosts ?
0
 
LVL 24

Assisted Solution

by:VB ITS
VB ITS earned 167 total points
ID: 40548362
See the steps in this article to disable time synchronization in ESXi: http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1189

You'll need to shut down the VM and follow the steps in the above article if you want to completely disable time synchronization.
0
 
LVL 118

Assisted Solution

by:Andrew Hancock (VMware vExpert / EE MVE)
Andrew Hancock (VMware vExpert / EE MVE) earned 333 total points
ID: 40548420
Make sure that the old and new NTP Servers are running and issuing the same time!
0
 
LVL 7

Author Comment

by:Senior IT System Engineer
ID: 40548432
Thanks for the suggestion Andrew,

What do you mean by old and new ?
Do you mean I must check both the VM and the physical box so that there is no more than 5 minutes different ?
0
 
LVL 7

Author Comment

by:Senior IT System Engineer
ID: 40548497
And last question... Do I need to transfer the FSMO role PDC emulator from this physical windows 2003 box to the Windows 2008R2 VM ?
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 118

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE) earned 333 total points
ID: 40548527
Hang on I've just seen this.....do you have options of using an External NTP source on the ESXi hosts , rather than a virtual machine.

We setup as follows:-

1. ESXi hosts - External Time Source

2. Windows PDC Emulator - External Time Source (same source as 1)

3. Do not Sync time to hosts in the VMs.

4. Windows VMs in the Domain will get time from PDC emulator

5. Linux/Unix VMs external time source as 1.

(otherwise you have an issue when ESXi starts, there is no time source available because the VM is not started, and if the time is apart by over 1/2mins it will not sync)
0
 
LVL 7

Author Comment

by:Senior IT System Engineer
ID: 40548629
Hmm I got confused myself here.

So my initial plan is to do the following:

All windows server and workstations synch to the new Windows Server 2008 R2 VM (not yet PDC emulator). This VM is synchronized to the external source of Pool.ntp.org --> I'm wondering if I have to transfer the FSMO role to the new win2008R2 VM or not necessary.

All ESXi hosts synch to this one VM above.
All network devices (switch, router, SAN, NAS, etc...) synch to the same windows 2008 R2 VM.

Would that be possible ?
0
 
LVL 118

Assisted Solution

by:Andrew Hancock (VMware vExpert / EE MVE)
Andrew Hancock (VMware vExpert / EE MVE) earned 333 total points
ID: 40548646
Windows and Workstations will sync against the domain, so, no need to change anything there.

Yes, that's a good plan.
0
 
LVL 7

Author Comment

by:Senior IT System Engineer
ID: 40548659
Cool, thanks for the quick reply.

So why your configuration for the ESXi points to the external NTP source rather than the Windows PDC role VM ?
I'm curious to know the reasoning on your configuration #1 (1. ESXi hosts - External Time Source).

As for configuration #3(3. Do not Sync time to hosts in the VMs.), only the PDC emulator role VM that does not synch with the ESXi servers.
0
 
LVL 118

Assisted Solution

by:Andrew Hancock (VMware vExpert / EE MVE)
Andrew Hancock (VMware vExpert / EE MVE) earned 333 total points
ID: 40548682
We have seen the NTP service on the ESXi host stop, and if you are syncing VMs with the host, they get the wrong time, so hence, sync time with domain.

We always like to sync servers with an external time source, we have seen issues on occasion with ESXi syncing with Domain, also we like to sync Physical Host to Physical Device, we have GPS and NTP Appliances.
0
 
LVL 7

Author Comment

by:Senior IT System Engineer
ID: 40548691
ah I see,

So "ESXi syncing with Domain" do you mean the issues was occurred when the ESXi synch the time with the PDC emulator role running as VM ?
0
 
LVL 7

Author Closing Comment

by:Senior IT System Engineer
ID: 40550650
Thanks !
0

Featured Post

Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

HOW TO: Install and Configure VMware vSphere Hypervisor 6.5 (ESXi 6.5), Step by Step Tutorial with screenshots. From Download, Checking Media, to Completed Installation.
In this article, I will show you HOW TO: Install VMware Tools for Windows on a VMware Windows virtual machine on a VMware vSphere Hypervisor 6.5 (ESXi 6.5) Host Server, using the VMware Host Client. The virtual machine has Windows Server 2016 instal…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now